A data breach refers to a security incident where unauthorized individuals gain access to sensitive or confidential information stored in a computer system, network, or database. This breach may result in the unauthorized acquisition, disclosure, or use of the compromised data, potentially causing harm to individuals or organizations affected. Data breaches can occur due to cyberattacks, insider threats, or accidental exposure, and they pose significant risks to privacy, security, and reputation.
Some examples of a security breach are:
Some sources more specifically define a data breach as the confirmed access and use of confidential data for illegal purposes. This narrower definition shifts the focus of a data breach from the party that may have (however inadvertently) disclosed or permitted disclosure of information and places the focus solely on the cyber thieves, hackers, or cyber criminals. The problem with this narrower focus is that it may lead one to believe that a breach is really not a problem until there is proven evidence of medical theft, identity theft, or other financial loss to the individual whose information was accessed.